Microsoft® Windows® 2000 Scripting Guide
« Previous | Next »
The sAMAccountName attribute must be unique among all security principal objects within a forest. If you are using a script to create a user account in a domain, one way to verify that the sAMAccountName has not already been used is to search for the sAMAccountName attribute in the forest.
Listing 7.27 contains a script that uses LDAP search dialect to verify that a user account with a particular sAMAccountName does not already exist. To carry out this task, the script performs the following steps:
Lines 8 11 specify the search base, two search filters, the attribute to return, and the search scope.
The search filter on line 10 limits the query to a sAMAccountName of myerken.
If the RecordCount property of the RecordSet object is 0, display a message stating that the sAMAccountName is not in use.
If the RecordCount property is not 0, use a While Wend statement to display each record in objRecordSet. Use the MoveNext method of the RecordSet object to move to the next record.
A sAMAccountName value can be used only once in a forest. However, it is possible that user account types can exist in the LostAndFound container in a domain. A user account in this container does not prevent you from creating a duplicate user account type with the sAMAccountName. However, if the sAMAccountName is in use in another container, the While Wend statement will display both the sAMAccountName in LostAndFound and the sAMAccountName in the other container.
Listing 7.27 Performing a Search to Determine Whether a User Account Name Is in Use
|
|
Send us your feedback | « Previous | Next » |